CVE-2018-20434 - LibreNMS Addhost Command Injection

LibreNMS 1.46 allows remote attackers to execute arbitrary OS commands by using the $POST'community' parameter to html/pages/addhost.inc.php during creation of a new device, and then making a /ajaxoutput.php?id=capture&format=text&type=snmpwalk&hostname=localhost request that triggers...

ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2019-04686)

ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. A cross-site scripting vulnerability exists in the build of SQL-ERR messages in the includes/database.php file of ZoneMinder versions prior to 1.32.3, which can be exploited b...

ZoneMinder Command Injection Vulnerability

ZoneMinder is a free and open source CCTV software application for Linux environments that supports IP, USB and analog cameras. A command injection vulnerability exists in ZoneMinder prior to version 1.32.3 in the daemonControl in includes/functions.php, which can be exploited by an attacker via...

UBUNTU-CVE-2019-8427

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters...

DEBIAN-CVE-2019-8427

daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters...

The vulnerability of the Squid proxy server, related to accessing beyond the allocated buffer memory, allows attackers to cause a service failure.

The vulnerability of the Squid proxy server is related to an error that causes data to exceed the allocated memory buffer when processing ESI responses or loading certificates from intermediate certification centers. Exploiting this vulnerability can allow a malicious actor to cause service...

Object Injection

wordpress is vulnerable to PHP object injection. The vulnerability exists in the wpgetattachmentthumbfile function in wp-includes/post.php because the attack can be triggered by inputting manipulated metadata. in the wpgetattachmentthumbfile function in wp-includes/post.php...

CVE-2018-18803

Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb...

CVE-2018-18803

Curriculum Evaluation System 1.0 allows SQL Injection via the login screen, related to frmCourse.vb and includes/user.vb...

CVE-2018-18803

CVE-2018-18803 corresponds to a SQL Injection in Curriculum Evaluation System 1.0, exploitable via the login screen. Technical details in connected records show the vulnerability stems from building SQL queries by string concatenation in code paths (e.g., frmCourse.vb and includes/user.vb), enabl...

WordPress 4.5.x < 4.5.12 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - wp-admin/user-new.php sets the newbloguser key to a string that can be directly derived from the user ID, which allows remote attackers to bypass intended access...

Curriculum Evaluation System 1.0 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: Curriculum Evaluation System 1.0 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: https://www.sourcecodester.com/users/janobe Software Link:...

CVE-2016-10734

ProjectSend formerly cFTP r582 allows Insecure Direct Object Reference via includes/actions.log.export.php...

Authentication flaw

ProjectSend formerly cFTP r582 allows Insecure Direct Object Reference via includes/actions.log.export.php...

CVE-2016-10734

ProjectSend formerly cFTP r582 allows Insecure Direct Object Reference via includes/actions.log.export.php...

CVE-2016-10734

ProjectSend (formerly cFTP) r582 contains an Insecure Direct Object Reference vulnerability in includes/actions.log.export.php. The CNVD entry notes that ProjectSend is a PHP/MySQL self-hosted application, and the NVD entry documents a high-impact issue with access control to object references. T...

Semmle: Server side includes in https://lgtm-com.pentesting.semmle.net/internal_api/v0.2/savePublicInformation leads to 500 server error and D-DOS

Summary: Improper sanitizing of input in one of the input forms in https://lgtm-com.pentesting.semmle.net/internalapi/v0.2/savePublicInformation leads to server side include that causes a 500 internal server error and a possible denial of service. Description: After login in to semmle , in other ...

CVE-2018-15676

An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crkprotection.php anti-XSS mechanism that looks for a number of dangerous fingerprints...

Apache Traffic Server Security Bypass Vulnerability

Apache Traffic Server ATS is the United States Apache Apache Software Foundation, an HTTP proxy and caching server. A security vulnerability exists in Apache ATS versions 6.0.0 through 6.2.2 and 7.0.0 through 7.1.3, which stems from the fact that pages rendered using the ESI plugin can access...

CVE-2018-12895

CVE-2018-12895 affects WordPress up to version 4.9.6. An Author (needs files and posts capabilities) can trigger directory traversal via the thumb parameter in wp-admin/post.php, causing the PHP unlink call to delete wp-config.php through a missing filename validation in wp-includes/post.php wp_d...